<?php
	include("../include/config.php");
	include("../include/functions.php");
	if(isset($_POST['widget_id']) && $_POST['widget_id']==''){
			$pr_id=array_shift($_POST);
			$pr_img=array_shift($_POST);
			
			$_POST['created_date']=date("Y-m-d H:i:s");
			
			$_POST['updated_date']=date("Y-m-d H:i:s");
			if($_FILES['ad']['name']){
				 $image_file=rand().$_FILES['ad']['name'];
				$image_path='../../ad/'.$image_file;
				$temp=$_FILES['ad']['tmp_name'];
				copy($temp,$image_path);
				$_POST['ad']=$image_file;
			}
			
			$_POST['interview']=htmlspecialchars(str_replace("'","",$_POST['interview']));
			$_POST['ad']=htmlspecialchars(str_replace("'","",$_POST['ad']));
			
			
			db_insert(DB_PREFIX.'widgets',$_POST);
			
			header('location:../admin.php?data=widgets&msg=success');
			
	}else{
		$product_id=array_shift($_POST);
		$image=array_shift($_POST);
			
		if($_FILES['ad']['name']){
					 $image_file=rand().$_FILES['ad']['name'];
					$image_path='../../ad/'.$image_file;
					$temp=$_FILES['ad']['tmp_name'];
					copy($temp,$image_path);
					$_POST['ad']=$image_file;
				}
				else{
					$_POST['ad']=$image;
				}
			$_POST['interview']=htmlspecialchars(str_replace("'","",$_POST['interview']));
			$_POST['ad']=htmlspecialchars(str_replace("'","",$_POST['ad']));
			
			db_update(DB_PREFIX.'widgets',$_POST,array('widget_id'=>$product_id));
			
			header('location:../admin.php?data=widgets&msg=updated');
	}
?>